CISO2CISO.COM & CYBER SECURITY GROUP

GUEST ESSAY: These common myths and misconceptions make online browsing very risky

For the average user, the Internet is an increasingly dangerous place to navigate.

Related: Third-party snooping is widespread

Consider that any given website experiences approximately 94 malicious attacks a day, and that an estimated 12.8 million websites are infected with malware. So, in response to these numbers, users are seeking ways to implement a more secure approach to web browsing.

Generally, there are basic practices individuals can take to strengthen their cybersecurity while browsing the web. However, such prevailing rudimentary practices have fostered a degree of naivety, and certain myths have arisen about the security and effectiveness of these practices.

Implementing basic cyber hygiene practices often makes users think they’re immune to infection. This in turn makes users complacent, which allows them to be exposed to malicious malware when least expecting it.

Common misconceptions

There are a variety of myths regarding safe web browsing. Most of these have to do with preventing malware from infecting your device. Malware is any kind of software designed to interfere with your device or network, whether it’s gaining access to your protected data or disrupting your systems to bring them to a halt.

The prevailing misconceptions include:

•You can only contract malware or viruses through downloads.

We’ve been conditioned to think that by avoiding suspect attachments or downloads, we’re totally in the clear. However, you can be exposed to malware through multiple mechanisms, including by simply visiting a website. The malware on the website can test for vulnerabilities on your browser in order to infect your device. No attachment needed. 

•I only browse trusted sites, so I shouldn’t be concerned about malware infections.

Malware can be hosted on any site, no matter how secure or reputable it is. Moreover, the vast majority of malware is actually deployed on trusted websites. One study found that 75 percent of supposedly trusted websites have vulnerabilities that leave them open to malware infections.

I frequently clear my cache, so third-party data collectors can’t collect and sell my personal data.

Well, having a cache to clear out means your default browser setting is to allow cookies. The cookies are still tracking your activity across websites and gleaning data from you moment by moment. Unless you’re clearing your cache by the minute, third-party data collectors are gaining plenty of insights into your behavior. Moreover, malware and viruses can also be disguised as cookies; once they’ve infected your device, clearing your cache is useless.

•Incognito mode protects my personal information from bad actors.

Going “incognito” doesn’t actually make you incognito. For one, while incognito mode blocks cookies and browsing history records, it doesn’t hide your IP address. This means you can still be easily identified. Furthermore, once malware is installed on your device, it’s still tracking your activity and stealing sensitive information, even in incognito mode.

Steps to safe browsing

If you want to browse safely, you need to take control and inform yourself of the reality of the threats. Afterwards, you can develop realistic mitigation strategies.

Effective, routine practices to establish include frequently updating your web browser to keep pace with the latest security updates; adjusting your browser’s security settings to disable third-party cookies; and enabling multi-factor authentication to access your accounts.

Levitt

You can also utilize Google’s Safe Browsing as another tool in your security arsenal. Every day, Google scans billions of URLs looking for unsafe websites, and many of those it flags are legitimate sites that have been compromised. The safe browsing feature then works on two fronts: the search engine tells you if it suspects a website in its results is infected, while the Chrome web browser alerts you anytime you visit a potentially infected or unsafe site.

However, by using safe browsing, you’re also sharing more personal data like browsing history with Google so that the company can validate what’s safe, and this has far-reaching implications for user privacy.

A more secure way to protect your online activity and personal information is through ad block extensions; any good ad blocker also prevents data analytics, user attribution, and third-party cookies. Moreover, by not displaying advertisements on the page, ad blockers reduce the attack surface area, limiting the areas where you can be infected with malware.

In all, though, while completely safe web browsing may seem unachievable, you can implement a variety of privacy-preserving tactics and best practices to improve security and protect your data. Remember: no matter where you stand currently, you can always be a little safer.

About the essayist: Michael Levitt is the CEO of Tempest a supplier of innovative browser privacy products that ensure user safety across every touchpoint online.

Leer másThe Last Watchdog

Leave a Reply

Your email address will not be published. Required fields are marked *